DNS Limits

Adding a domain you own to your DigitalOcean account lets you manage the domain’s DNS records with the control panel and API. Domains you manage on DigitalOcean integrate with DigitalOcean Load Balancers and Spaces to streamline automatic SSL certificate management.

  • DigitalOcean does not currently provide domain registration services. To use DigitalOcean DNS, you need to register a domain name with a registrar and update your domain’s NS records to point to DigitalOcean’s name servers.

  • The number of domains you can add to your account depends on the limits set for your account. We use dynamic resource limits to protect our platform against bad actors. Currently, you can’t check your resource limit for domains, but you can contact support if you reach the limit and need to increase it. We are working on features that allow you to review this limit in the control panel.

  • All DNS records require a minimum TTL value of 30 seconds.

  • DigitalOcean DNS does not support the following CAA record features:

    1. Blocking anyone from issuing certificates by sending a semicolon (;) in the value.
    2. Allowing name-value tags after the CA name, for example: letsencrypt.org; abc=cde.
  • Records created at a hostname covered by a wildcard record will stop wildcard resolution for that hostname. For example, if you have an A wildcard record at *.example.com, and you add an MX record at the hostname email.example.com, the A wildcard record will no longer be served at email.example.com. However, you can still add an explicit A record to the hostname email.example.com if your use case requires it.

  • DigitalOcean DNS does not support tags.

  • When adding domains or DNS records containing non-ASCII characters (such as accents or other Unicode characters), you must first convert them to Punycode.

  • DigitalOcean’s terms of service prohibit adding country code top-level domains (ccTLDs) from OFAC-sanctioned countries. For more information, including a list of countries, see section 5.7 of our Rules of Conduct in our terms of service.

  • DigitalOcean DNS does not support the creation of DNSSEC (DS) records.